BodgeIt Store : Vulnerable Web Application For Penetration Testing !
The Hacker News


  • Easy to install – just requires java and a servlet engine, e.g. Tomcat
  • Self contained (no additional dependencies other than to 2 in the above line)
  • Easy to change on the fly – all the functionality is implemented in JSPs, so no IDE required
  • Cross platform
  • Open source
  • No separate db to install and configure – it uses an 'in memory' db that is automatically (re)initialized on start up
  • There is also a 'scoring' page where you can see various hacking challenges and whether you have completed them or not.

All you need to do is download and open the zip file, and then extract the war file into the webapps directory of your favorite servlet engine.

Then point your browser at (for example) https://localhost:8080/bodgeit

You can download BodgeIt Store here:
Download Now Or read more here.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.